glmv-pdf-to-ppt

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly accepts HTTP/HTTPS PDF URLs and downloads them ("Input: $ARGUMENTS is the path to the PDF file (local) or an HTTP/HTTPS URL" / "If the input is a URL, download it first"), then requires the agent to "Read All Pages in Order" (Phase 2) and use that content to plan slides and drive cropping/subagent actions (Phases 3–4), so arbitrary public PDFs can be ingested and materially influence agent decisions and tool use.